<?php 
/*************************************************************************************
 * checklogin.php
 * -----------
 * phpGMapTrips 
 * 
 * This php application allows you to easily record your travel destinations 
 * and display them with Google maps.
 * 
 * Author: Stephane Coste (lescoste@gmail.com)
 * Copyright: (c) 2006 Stephane Coste (http://lescoste.net/)
 * Release Version: 0.1
 * CVS Revision Version: $Revision: 1.4 $
 * Date Started: 2006/02/19
 * Last Modified: $Date: 2007/03/08 20:44:29 $
 *
 * CHANGES
 * -------
 * 2006/02/27 (0.2)
 *  -  Second release 
 * uses specific name for php session to avoid interferences with other applications
 *
 * 2006/02/19 (0.1)
 *  -  First Release
 *
 *************************************************************************************
 *
 *     This file is part of phpGMapTrips.
 *
 *   phpGMapTrips is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *   phpGMapTrips is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with phpGMapTrips; if not, write to the Free Software
 *   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 ************************************************************************************/
?>
<?PHP
// loading functions and libraries
$strUserNotExist = $strUserNotAllowed = $strPwNotFound = $strPwFalse = $strNoPassword = $strNoAccess;

// make post variables global
$entered_login = $_POST['entered_login'];
$entered_password = $_POST['entered_password'];

// check if login is necesary
if (!$entered_login && !$entered_password) {
	// use data from session
	session_name("phpGMapTrips");
	session_start();
	$login = $_SESSION['login'];
	$password = $_SESSION['password'];
} else {
	// use entered data
	session_name("phpGMapTrips");
	session_start();
	session_unregister("login");
	session_unregister("password");

	// encrypt entered login & password
	$login = $entered_login;
	if ($passwordEncryptedWithMD5 && function_exists(md5)) {
		$password = md5($entered_password);
	} else {
		$password = $entered_password;
	}
	$_SESSION['login'] = $login;
	$_SESSION['password'] = $password;
}

if (!$login) {
	// no login available
	include("interface.php");
	exit;
}
if (!$password) {
	// no password available
	$message = $strNoPassword;
	include("interface.php");
	exit;
}

$numLogin = count($cfgLogin);
$userFound = false;
// check all the data input
for ($i = 1; $i <= $numLogin; $i++) {
	if ($cfgLogin[$i] != '' && $cfgLogin[$i] == $login) {
		// user found --> check password
		if ($cfgPassword[$i] == '' || $cfgPassword[$i] != $password) {
			// password is wrong
			$message = $strPwFalse;
			include("logout.php");
			include("interface.php");
			exit;
		}
		$userFound = true;
		$userNr = $i;
	}	}
	if ($userFound == false) {
		// user is wrong
		$message = $strUserNotExist;
		include("logout.php");
		include("interface.php");
		exit;
	}
	$userLevel = $cfgUserLevel[$userNr];
	$ID = $cfgUserID[$userNr];


	// restore values
	if ($dbOld) $db = $dbOld;
	if ($messageOld) $message = $messageOld;
?>
